Cryptology ePrint Archive: Report 2017/417

A Proof-of-Stake protocol for consensus on Bitcoin subchains

Massimo Bartoletti and Stefano Lande and Alessandro Sebastian Podda

Abstract: Although the transactions on the Bitcoin blockchain have the main purpose of recording currency transfers, they can also carry a few bytes of metadata. A sequence of transaction metadata forms a subchain of the Bitcoin blockchain, and it can be used to store a tamper-proof execution trace of a smart contract. Except for the trivial case of contracts which admit any trace, in general there may exist inconsistent subchains which represent incorrect contract executions. A crucial issue is how to make it difficult, for an adversary, to subvert the execution of a contract by making its subchain inconsistent. Existing approaches either postulate that subchains are always consistent, or give weak guarantees about their security (for instance, they are susceptible to Sybil attacks). We propose a consensus protocol, based on Proof-of-Stake, that incentivizes nodes to consistently extend the subchain. We empirically evaluate the security of our protocol, and we show how to exploit it as the basis for smart contracts on Bitcoin.

Category / Keywords: applications / cryptocurrencies

Original Publication (with minor differences): Workshop on Trusted Smart Contracts 2017

Date: received 15 May 2017

Contact author: bart at unica it

Available format(s): PDF | BibTeX Citation

Version: 20170515:142759 (All versions of this report)

Short URL: ia.cr/2017/417

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]